Cyber Security – CERTs, Policy, etc

What is the ‘SIM Swap Scam’ — and how can you protect yourself?

Note4Students

From UPSC perspective, the following things are important :

Prelims level: SIM Swap Scam

Mains level: Phishing and other financial crimes

sim swap scam

Central Idea

  • In recent years, the SIM swap scam has emerged as a significant threat to individuals’ financial security.
  • This fraudulent scheme exploits the link between physical SIM cards and banking applications, allowing scammers to gain access to victim’s bank accounts and personal information.

SIM Swap Scam: An Overview

  • Exploiting Technological Advances: The SIM swap scam capitalizes on the integration of banking applications with phone numbers, enabling the generation of OTPs (One-Time Passwords) and the receipt of critical bank-related messages.
  • Acquiring Personal Data: Scammers begin by collecting victims’ personal details, including phone numbers, bank account information, and addresses, often through phishing or vishing (voice phishing) techniques. Phishing involves sending malware-laden links through emails or messages to steal personal data.
  • Forging Victim Identity: Armed with the stolen data, fraudsters visit a mobile operator’s retail outlet, impersonating the victim with forged ID proof. They falsely report the theft of the victim’s SIM card and/or mobile phone. As a result, they obtain a duplicate SIM card. Notably, fraudsters can secure a duplicate SIM even if the original is still functional. All activation messages and information are directed to the scammer rather than the victim.

Why do victims receive Missed Calls?

  • Strategic Communication: In contrast to typical scams that involve tricking individuals into divulging OTPs and private data during phone calls, the SIM swap scam operates differently.
  • Distraction Tactic: Fraudsters initiate missed calls to their targets, prompting victims to check their phones and potentially ignore network connectivity issues.
  • SIM Exchange Execution: Perpetrators use these missed calls as a diversion while they execute the SIM swap. Once the SIM is swapped, fraudsters gain control over all calls and messages through the victim’s SIM, allowing them to initiate transactions unnoticed.

How do scammers withdraw money?

  • Phishing Information: After acquiring personal data through phishing attacks, scammers use this information to access bank portals and generate OTPs required for fund withdrawal.
  • OTP Access: Having control over the victim’s SIM card, fraudsters receive all OTPs, enabling them to authenticate transactions and steal money.
  • Data Sources: Accused individuals purchase data from hackers involved in data breaches or from online portals. Data breaches often involve private companies losing vast amounts of customer data.
  • Example: In April, Rentomojo, an electronics and furniture rental company, reported a data breach, acknowledging unauthorized access to customer data due to a cloud misconfiguration.

Arrests and Challenges

  • Absence of Arrests: Delhi Police has not made any arrests related to the SIM swap scam. The accused effectively evaded capture by discarding duplicate SIMs and operating from multiple locations.
  • Cryptocurrency Conversion: Stolen funds are often converted into cryptocurrency, making tracking Bitcoin or other cryptocurrency transactions impossible due to encryption.

Protecting Yourself from SIM Swap Fraud

  • Stay Vigilant: Be cautious of vishing or phishing attacks and avoid clicking on suspicious links or sharing sensitive information.
  • Don’t Ignore Missed Calls: Don’t ignore missed calls or switch off your phone, especially if you receive multiple missed calls. Contact your mobile operator immediately if such activity occurs.
  • Regularly Update Passwords: Change bank account passwords regularly for added security.
  • Set Up Alerts: Register for regular SMS and email alerts for banking transactions to stay informed.
  • Report Fraud: In case of fraud, promptly contact your bank authorities to block your account and prevent further fraud.

Get an IAS/IPS ranker as your 1: 1 personal mentor for UPSC 2024

Attend Now

Subscribe
Notify of
0 Comments
Inline Feedbacks
View all comments

JOIN THE COMMUNITY

Join us across Social Media platforms.

💥Mentorship New Batch Launch
💥Mentorship New Batch Launch